366532 matches found
CVE-2026-11650
CVE-2026-11650 : Use after free in V8 (Google Chrome) prior to 149.0.7827.103 enables remote code execution inside a sandbox via a crafted HTML page. Affected software is Google Chrome’s V8 engine; impact is high as per Chromium advisory. The connected sources indicate the vulnerability arises fr...
CVE-2026-11648
CVE-2026-11648 is a use-after-free in FullScreen on Windows Chrome prior to 149.0.7827.103, potentially enabling heap corruption via a crafted HTML page. Affected software: Google Chrome (Windows). Root cause: use-after-free in FullScreen path. Impact: remote code execution risk (as implied by he...
CVE-2026-11647
CVE-2026-11647 is for Google Chrome on Android, where a use-after-free in the Printing subsystem precedes a sandbox escape via a crafted HTML page when the renderer is compromised. Affected: Chrome on Android prior to version 149.0.7827.103. Impact: remote attacker with renderer access could pote...
CVE-2026-11645
CVE-2026-11645 is an out-of-bounds read/write in Google Chrome’s V8 engine (pre-149.0.7827.103). A remote attacker could trigger arbitrary code execution inside the browser sandbox via a crafted HTML page. The vulnerability was identified as high severity and is being actively exploited in the wi...
CVE-2026-11646
CVE-2026-11646 affects Google Chrome’s ViewTransitions; a use-after-free in that component allows remote code execution in a sandbox via a crafted HTML page. Impact is high (remote, no user interaction required). A fix is available in Chrome 149.0.7827.103 and newer. If exploiting status is unkno...
CVE-2026-11643
CVE-2026-11643 : Use-after-free in Proxy handling of Google Chrome before version 149.0.7827.103 allows a remote attacker to execute arbitrary code via malicious network traffic. Impact is rated high/critical; exploit would require network access with no user interaction. The documented remediati...
CVE-2026-11644
CVE-2026-11644 describes a use-after-free in the Views component of Google Chrome on Linux, allowing code execution via a crafted Chrome Extension when a user is convinced to install a malicious extension. Affected software: Google Chrome (Linux) with the vulnerable Views code path. Root cause: u...
CVE-2026-11642
CVE-2026-11642 describes a use-after-free in Google Chrome’s Web Apps renderer that could allow a remote attacker who already compromised the renderer to potentially perform a sandbox escape via a crafted HTML page. Affected product: Chrome (Web Apps) prior to version 149.0.7827.103. Impact : san...
CVE-2026-11641
The CVE-2026-11641 entry documents a use-after-free in Bluetooth handling within Google Chrome on Windows to 149.0.7827.103 and earlier. The underlying issue is a use-after-free in Bluetooth code that allows a remote attacker to execute arbitrary code if the user is tricked into performing specif...
CVE-2026-11640
CVE-2026-11640 : Integer overflow in libyuv within Google Chrome prior to 149.0.7827.103 can allow a remote attacker (with renderer access) to potentially escape the sandbox via a crafted HTML page. This is a Chromium-level issue; the referenced Chrome Security Update notes a fix in the Stable Ch...
CVE-2026-11638
Concrete details found: CVE-2026-11638 affects Google Chrome (Printing) before 149.0.7827.103. The vulnerability is a use-after-free in the Printing component that could allow a remote attacker to potentially escape the Chrome sandbox via a crafted HTML page (severity: Critical). Impact is sandbo...
CVE-2026-11639
CVE-2026-11639 describes a use-after-free in the Compositing path of Google Chrome on macOS prior to version 149.0.7827.103, allowing a remote attacker to execute arbitrary code via a crafted HTML page. The issue is labeled Critical in Chromium terms, with network attack vector, high impact on co...
CVE-2026-11636
CVE-2026-11636 is a use-after-free in Chrome’s Autofill on Windows prior to 149.0.7827.103, enabling a remote attacker who entices a user to perform specific UI gestures to potentially trigger heap corruption via a crafted HTML page. The issue affects the Chromium-based browser and is addressed i...
CVE-2026-11637
CVE-2026-11637 is a use-after-free vulnerability in Chrome's Views on macOS, exploitable via a crafted HTML page to achieve remote code execution. Affected software is Google Chrome for macOS with versions earlier than 149.0.7827.103 (Chromium). The underlying cause is use-after-free in the Views...
CVE-2026-11635
Summary: CVE-2026-11635 is a use-after-free in Chrome’s Bluetooth stack on macOS prior to 149.0.7827.103. If a renderer process is already compromised, this flaw could enable a sandbox escape via a crafted HTML page. Affected product/version: Google Chrome on macOS, before version 149.0.7827.103....
CVE-2026-11634
CVE-2026-11634 describes a use-after-free in Chrome’s Gamepad handling on Windows, exploitable via a crafted HTML page to potentially escape the Chromium sandbox. Affected: Google Chrome on Windows, prior to version 149.0.7827.103. Impact: remote attacker could achieve sandbox escape with a high ...
CVE-2026-11633
Summary (CVE-2026-11633) : A use-after-free in Bluetooth handling in Google Chrome on macOS allows a remote attacker to execute arbitrary code via a malicious Bluetooth peripheral. The flaw’s impact is described as critical; affected software is “Google Chrome on Mac” with the vulnerable componen...
CVE-2026-11631
CVE-2026-11631 is a Use-after-Free in Aura within Google Chrome on Windows, before build 149.0.7827.103. The root cause is a memory management error in Aura that could allow a compromised renderer process to escape the sandbox via a crafted HTML page, enabling a remote attacker to potentially tak...
CVE-2026-11632
CVE-2026-11632 describes a use-after-free in the TabStrip component of Google Chrome, exploited when a user performs specific UI gestures that lead to code execution via a crafted HTML page. The vulnerability affects Chrome versions prior to 149.0.7827.103 and is described as a remote code execut...
CVE-2026-11630
CVE-2026-11630 concerns a Use-after-free in Chrome's File Input handling, leading to potential heap corruption via a crafted HTML page. Affected software is Google Chrome (Chromium-based); the issue is described as a Use after free in File Input prior to 149.0.7827.103. The Connected and Initial ...
CVE-2026-11629
CVE-2026-11629 is a Use-after-Free in Chrome’s Ozone component that could allow a remote attacker to cause heap corruption via a crafted HTML page. Affected software is Google Chrome, with the vulnerability present in builds prior to 149.0.7827.103. Remediation is provided by the Chrome Stable up...
CVE-2026-11628
Use-after-free in Ozone component of Google Chrome (versions before 149.0.7827.103) can allow a local attacker to potentially cause heap corruption when physical access is available. Root cause: use-after-free. Affected software is Chrome with the Ozone stack; the vulnerability is mitigated by up...
CVE-2026-47725
Summary (CVE-2026-47725): The connected advisory for nebula-mesh exposes a CSRF vulnerability in the web UI. All released versions up to v0.3.2 have mutating endpoints under /ui/* that process POST/PUT/PATCH/DELETE requests as soon as a session cookie is valid, with SameSite=Lax not preventing ce...
CVE-2026-47724
CVE-2026-47724 is a reserved entry; however, a connected advisory (GHSA-598G-H2VC-H5VG) details a security gap in Nebula Mesh where API endpoints under /api/v1/* trust bearer tokens without per-operator ownership checks, enabling cross-tenant privilege escalation. The advisory lists concrete expl...
CVE-2026-47723
CVE-2026-47723 in this set is reserved; connected Ghsa entry NG (nebula-mesh) documents a vulnerability: Web UI and API responses lack standard security headers (CSP, X-Frame-Options, HSTS, X-Content-Type-Options, etc.). Affected Nebula Mesh releases up to v0.3.0 are exposed to clickjacking, MIME...
CVE-2026-47722
Nebula mesh is affected by a YAML-injection vulnerability via host advanced overrides in config.yml. All releases before v0.3.2 are impacted. An operator with access to overrode ListenHost or TunDevice could inject YAML keys (e.g., lighthouse or am_relay) through templated config generation, pote...
CVE-2026-47721
The connected GitHub advisory for FUXA (GHSA-8GHR-W65F-J3QR) discloses an authorization flaw in the Scheduler API: authenticated non-admin users could create or modify scheduled actions that should be admin-only, potentially impacting device values and server-side scripts. The issue is fixed in F...
CVE-2026-47720
The CVE-2026-47720 entry is linked to a GitHub advisory (GHSA-H9FJ-C2QR-76G2) describing an SQL Injection in FUXA’s TDengine DAQ storage connector. The root cause is improper sanitization in the escapeTdString logic (server/runtime/storage/tdengine/index.js:10) which doubles single quotes but doe...
CVE-2026-47719
CVE-2026-47719 is not a placeholder in the connected data: an unauthenticated SSRF in FUXA allows a remote attacker to induce server-side HTTP(S) requests by abusing the DEVICE_WEBAPI_REQUEST and DEVICE_PROPERTY handlers, which bypass authorization checks and echo the response back to the attacke...
CVE-2026-47252
CVE-2026-47252: Concrete details exist in connected docs about an AppleScript/JXA code injection via unescaped URL in the macOS Anyquery chrome_tabs plugin. Root cause: URLs inserted directly into AppleScript templates without escaping, allowing newline-containing payloads to break out of JSON-li...
CVE-2026-9669
The CVE affects Python’s bz2.BZ2Decompressor: objects could be reused after a decompression error, allowing an application that catches OSError and retries with the same decompressor to resume in an invalid internal state and perform out-of-bounds writes to a stack buffer, possibly crashing the p...
CVE-2026-44541
CVE-2026-44541 affects Fides, an open-source privacy engineering platform. A DOM-based XSS exists in the client-side script fides.js when HTML-formatted descriptions are enabled, reachable from version 2.33.0 up to before 2.84.5. The vulnerability is triggered via the fides_description override, ...
CVE-2026-40215
OpenVPN vulnerability CVE-2026-35058 and CVE-2026-40215 affect OpenVPN 2.6.x and 2.7.x up to 2.7.1. The issues include: (1) CVE-2026-35058 — server crash via an ASSERT caused by a malformed tls-crypt-v2 packet, exploitable by a client with a valid tls-crypt-v2 key, and (2) CVE-2026-40215 — a race...
CVE-2026-11585
CVE-2026-11585 involves CodeAstro Student Attendance Management System 1.0. The vulnerability is in an unknown function of the file /attendance-php/Admin/createClassArms.php , where manipulating the argument classId triggers an SQL injection. The issue can be exploited remotely, and the exploit h...
CVE-2026-11584
CodeAstro Student Attendance Management System 1.0 contains an SQL injection in /attendance-php/Admin/createClass.php?action=edit caused by unsafely manipulated ID parameter. The vulnerability is exploitable remotely and, per sources, an exploit has been publicized. No remediation details are pro...
CVE-2026-35058
Summary of CVE-2026-35058 / CVE-2026-40215 (OpenVPN) OpenVPN versions affected: 2.6.0–2.6.19 and 2.7_alpha1–2.7.1. The issue in tls-crypt-v2 key extraction stems from improper validation of packet length, which can trigger a fatal assertion and cause a denial of service when processing a speciall...
CVE-2026-40519
Nginx Proxy Manager versions 2.9.14–2.15.1 are affected by an authenticated remote code execution via OS command injection in backend/setup.js (setupCertbotPlugins). The user-controlled dns_provider_credentials field is interpolated directly into a shell command executed with child_process.exec()...
CVE-2026-11583
The CVE-2026-11583 entry concerns CodeAstro Student Attendance Management System 1.0. Affected component: /attendance-php/Admin/createClass.php; the vulnerability arises from manipulating the argument className, resulting in SQL injection. The issue is exploitable remotely, and the exploit has be...
CVE-2026-49141
WACRM vulnerability CVE-2026-49141: auth bypass in the automation engine allows an authenticated attacker to access/modify contacts of other tenants by sending a caller-controlled contact_id in a POST body, bypassing tenant ownership verification. Exploitation occurs via the service-role client t...
CVE-2026-46484
Summary: Headplane (a Web UI for Headscale) had a path traversal and authorization bypass vulnerability in the Headscale API client used during node and user rename operations. Affected versions and patch: the issue affects Headplane prior to 0.6.3 and 0.7.0-beta.3; it has been patched in 0.6.3 a...
CVE-2026-47345
The CVE-2026-47345 issue affects the TYPO3 html-sanitizer component prior to version 2.3.2, where namespace attributes are not encoded correctly during HTML serialization, enabling bypass of the built-in XSS prevention. The underlying impact is a cross-site scripting risk in affected TYPO3 deploy...
CVE-2026-47344
TYPO3 HTML Sanitizer (typo3/html-sanitizer) vulnerability CVE-2026-47344 affects versions before 2.3.2. When ALLOW_INSECURE_RAW_TEXT is enabled, whitespace-variant closing tags (e.g., ) are not recognized by the sanitizer but browsers accept them as valid end tags, allowing subsequent content to ...
CVE-2026-11582
The CVE-2026-11582 entry affects CodeAstro Student Attendance Management System 1.0. The vulnerability is an SQL injection in an unknown function of /attendance-php/index.php triggered by manipulating the Username argument. Remote exploitation is possible, and an exploit has been published. Affec...
CVE-2026-11559
CVE-2026-11559 affects CodeAstro Payroll System 1.0. The vulnerability exists in an (unnamed) function of the file /view_account.php, where manipulation of the argument ID enables an SQL injection. It is exploitable remotely and the exploit is public. CVSS metrics in the entry show a MEDIUM sever...
CVE-2026-46490
CVE-2026-46490 affects samlify (Node.js) prior to v2.13.0. The issue: template substitution only escapes attribute contexts; values placed in element text (e.g., saml:AttributeValue ) aren’t escaped. An attacker can inject XML markup into attribute values (e.g., email, name) and insert new saml:A...
CVE-2026-11393
Affected software: AgentCore CLI (v0.14.2 fix). Vulnerable path: Python code generation in AgentCore CLI before v0.14.2. Root cause: improper neutralization of triple-quote characters during code generation, enabling an authenticated remote actor to run arbitrary code. Impact: potential execution...
CVE-2026-46486
MVT (Mobile Verification Toolkit) has a path traversal vulnerability in iOS Backup processing due to unsanitized file identifiers. The fileID field from Manifest.db is used directly in path construction in two code paths: mvt-ios decrypt-backup (read/write paths) and mvt-ios check-backup (get bac...
CVE-2026-11558
CodeAstro Payroll System 1.0 contains a SQL injection vulnerability in an unknown function within /home_salary.php. The vulnerability arises from manipulation of the rate/salary_rate argument and is exploitable remotely. The exploit has been publicly disclosed and may be used. The connected sourc...
CVE-2026-10544
This CVE (CVE-2026-10544) affects Devolutions Server, specifically versions 2026.2.4.0 and 2026.1.20.0 and earlier. The issue is described as improper neutralization of special elements in the built-in PAM provider password rotation templates, allowing an authenticated user with write access to a...
CVE-2026-10787
The CVE-2026-10787 entry concerns Devolutions Server (versions 2026.2.4.0 and 2026.1.20.0 and earlier) where missing authorization in the deleted user groups API allows an authenticated, low-privileged user to enumerate metadata of deleted user groups via a crafted API request. The issue targets ...